mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 14:15:37 +00:00
Add ChangeLog entry
This commit is contained in:
parent
7b774483bf
commit
660f4f8c5b
@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.7.x branch released xxxx-xx-xx
Security
* The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
implement blinding. Because of this for the same key and message the same
blinding value was generated. This reduced the effectiveness of the
countermeasure and leaked information about the private key through side
channels. Reported by Jack Lloyd.
Bugfix
* Run the AD too long test only if MBEDTLS_CCM_ALT is not defined.
Raised as a comment in #1996.
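Review bot: The Security entry describes the defect (the deterministic ECDSA path reused the scheme's HMAC-DRBG for blinding, so the same key and message always produced the same blinding value) but says nothing about what this release changes to correct it; a ChangeLog security entry should also state the remediation, for example a closing sentence such as "Blinding now uses an independent random source." only if that is what the fix does, and it should name the affected deterministic-signing API so users can tell whether their code reaches the vulnerable path. Consider also noting that signatures produced before the fix remain valid and only the side-channel exposure is affected, if that is the case, since readers of a 2.7.x security note will want to know whether key rotation is warranted. The Bugfix entry is fine as written, though "Raised as a comment in #1996" reads better as "Reported in a comment on #1996."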